blueprint-curate-docs

Fail

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: HIGH
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_CONTEXT_INJECTION]: The skill uses dynamic context execution (!command) to run shell commands when it is loaded. One command in SKILL.md interpolates a user-controlled argument directly into the shell command text: find . -maxdepth 1 ... -exec grep -m1 "^$1[\":@=]" {} +. Because the argument is substituted into the command string before the shell parses it, the double quotes around the pattern do not protect it: an argument containing shell metacharacters (e.g. a quote character followed by ; malicious_command ;) can execute arbitrary shell commands on the system where the skill is loaded. The same interpolation also lets the argument change the grep regular expression itself.
  • [INDIRECT_PROMPT_INJECTION]: The skill gathers data from the public internet to generate local documentation, so the agent may follow malicious instructions embedded in the fetched content.
    • Ingestion points: untrusted external data retrieved via WebSearch and WebFetch in Steps 2 and 3.
    • Boundary markers: none. The skill does not delimit the fetched content or instruct the agent to ignore instructions found inside it.
    • Capability inventory: the skill has Bash and Write capabilities, used to update manifest.json and create documentation files; instructions injected through fetched content therefore reach tools that can modify files and run commands.
    • Sanitization: none. The skill does not validate or sanitize fetched web content before the agent processes it.
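The command-injection finding above, shown as an added, self-contained example. This is not code from the blueprint-curate-docs skill or from the audit: the three fixture files are constructed sample data, the `sh -c` call is an assumed emulation of how the skill runtime substitutes `$1` into the SKILL.md command text, and `is_safe_key` is a hypothetical allowlist check. The vulnerable function reproduces the audited `find ... -exec grep -m1 "^$1[\":@=]" {} +` pattern; the hardened function validates the key and passes it to grep as a single argument so that no second shell ever parses it.

```shell
#!/bin/sh
# Added example (not from the audited skill): textual interpolation of a skill
# argument into a shell command versus passing it as validated data.
# The fixture files, the sh -c emulation of the skill runtime's $1 substitution
# and the is_safe_key allowlist are assumptions made for this example.

# Constructed workspace with three manifest-like files (sample data).
setup_fixture() {
  fx=$(mktemp -d)
  printf 'alpha: 1\nbeta: 2\n' > "$fx/one.yaml"
  printf 'gamma="3"\n' > "$fx/two.toml"
  printf 'delta@host\n' > "$fx/three.txt"
  printf '%s\n' "$fx"
}

# Vulnerable: mirrors the audited SKILL.md command. The skill runtime replaces
# $1 in the command TEXT with the raw argument before any shell sees it, so the
# double quotes in SKILL.md are part of the text being edited, not a guard.
# sh -c reproduces that: the argument becomes shell syntax, not a grep pattern.
vulnerable_lookup() {
  dir=$1 arg=$2
  cmd="find '$dir' -maxdepth 1 -type f -exec grep -m1 \"^$arg[\\\":@=]\" {} +"
  sh -c "$cmd" 2>/dev/null
}

# Allowlist for keys looked up in the manifests: letters, digits, '_' and '-'.
# Anything else (quotes, ';', '$', regex metacharacters) is rejected outright.
is_safe_key() {
  case $1 in
    ''|*[!A-Za-z0-9_-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Hardened: validate first, then hand the key to grep as one argv element.
# No second shell parses it, so it can only ever be part of the pattern.
safe_lookup() {
  dir=$1 key=$2
  is_safe_key "$key" || { printf 'rejected key: %s\n' "$key" >&2; return 2; }
  find "$dir" -maxdepth 1 -type f -exec grep -m1 -e "^$key[\":@=]" {} +
}

main() {
  ws=$(setup_fixture)
  # Crafted argument: closes the quoted pattern, runs a command, reopens a quote.
  evil='x"; echo INJECTED; echo "'
  echo "== vulnerable, honest key:";  vulnerable_lookup "$ws" alpha
  echo "== vulnerable, crafted key:"; vulnerable_lookup "$ws" "$evil"
  echo "== hardened, honest key:";    safe_lookup "$ws" alpha
  echo "== hardened, crafted key:";   safe_lookup "$ws" "$evil" || echo "blocked (exit $?)"
  rm -rf "$ws"
}
main
```

With the crafted key the vulnerable path prints INJECTED, because the inner shell sees `grep -m1 "^x"; echo INJECTED; ...` and runs the echo as a separate command; the hardened path rejects the same key before any command runs. If the skill genuinely needs characters outside the allowlist (for example a dot in a key name), extend the allowlist deliberately and escape regex metacharacters before building the pattern, rather than loosening the check.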
Recommendations
  • AI detected serious security threats; the findings above call for the following changes before the skill is trusted.
  • Do not interpolate the skill argument into the !command string. Validate it against a strict allowlist (for example letters, digits, underscore and hyphen) before use, and pass it to grep as a separate argument rather than through a shell-parsed string.
  • Treat content returned by WebSearch and WebFetch as untrusted data: wrap it in explicit boundary markers, instruct the agent that text inside the markers is data and not instructions, and review any file write or manifest.json change the agent proposes on the basis of that content before it is applied.
Audit Metadata
Risk Level
HIGH
Analyzed
May 14, 2026, 04:17 PM
Security Audit — agent-trust-hub — blueprint-curate-docs